With the inclusion of the new "double whitelist" seccomp filter, Qemu won't be able to execve() in runtime, thus, no hotplug net devices allowed.
Signed-off-by: Eduardo Otubo <ot...@linux.vnet.ibm.com> --- hmp.c | 6 ++++++ net.c | 13 +++++++++++++ 2 files changed, 19 insertions(+) diff --git a/hmp.c b/hmp.c index 70bdec2..f258338 100644 --- a/hmp.c +++ b/hmp.c @@ -1091,6 +1091,12 @@ void hmp_netdev_add(Monitor *mon, const QDict *qdict) Error *err = NULL; QemuOpts *opts; +#ifdef CONFIG_SECCOMP + error_set(&err, ERROR_CLASS_GENERIC_ERROR, + "Cannot hotplug TAP device when -sandbox is in effect"); + goto out; +#endif + opts = qemu_opts_from_qdict(qemu_find_opts("netdev"), qdict, &err); if (error_is_set(&err)) { goto out; diff --git a/net.c b/net.c index ae4bc0d..a652ee9 100644 --- a/net.c +++ b/net.c @@ -752,6 +752,12 @@ void net_host_device_add(Monitor *mon, const QDict *qdict) Error *local_err = NULL; QemuOpts *opts; +#ifdef CONFIG_SECCOMP + error_set(&local_err, ERROR_CLASS_GENERIC_ERROR, + "Cannot hotplug TAP device when -sandbox is in effect"); + goto out; +#endif + if (!net_host_check_device(device)) { monitor_printf(mon, "invalid host network device %s\n", device); return; @@ -765,6 +771,7 @@ void net_host_device_add(Monitor *mon, const QDict *qdict) qemu_opt_set(opts, "type", device); net_client_init(opts, 0, &local_err); +out: if (error_is_set(&local_err)) { qerror_report_err(local_err); error_free(local_err); @@ -800,6 +807,12 @@ int qmp_netdev_add(Monitor *mon, const QDict *qdict, QObject **ret) QemuOptsList *opts_list; QemuOpts *opts; +#ifdef CONFIG_SECCOMP + error_set(&local_err, ERROR_CLASS_GENERIC_ERROR, + "Cannot hotplug TAP device when -sandbox is in effect"); + goto exit_err; +#endif + opts_list = qemu_find_opts_err("netdev", &local_err); if (error_is_set(&local_err)) { goto exit_err; -- 1.7.12